NSA seeks to combine offense and defense in its spy efforts
The NSA has two key missions: foreign intelligence-gathering and information assurance. One mission helps the other, as intelligence gathered by one side can be used by the other team to improve how government networks and private sector networks are protected. The NSA will pull together its offensive and defensive capabilities as part of the NSA21, or NSA in the 21st century, plan, said Michael Rogers, commander of the United States Cyber Command and director of the NSA, at the RSA Conference on Tuesday.
The NSA needs to figure out how to fulfill its twin missions, but there are some core tenets which can't be ignored, he said. They include accepting that there is no one single answer to solve the problems plaguing information security, and accepting that technology alone can't fix everything. It's important to not forget about the human factor.
"The nation counts on us to protect its security and safety, and we have to do it in a way that protects the privacy and rights of our citizens," Rogers said.
The NSA21 reorganization plan goes counter to recommendations made by a presidential panel in December 2013 that the NSA should concentrate on foreign intelligence-gathering operations. Under the plan, publicly disclosed in early February, the NSA's spying and cyberdefense directorates would merge into a unified team responsible for both espionage and defending computer networks.
The presidential panel had recommended creating a separate agency within the Department of Defense to responsible for securing government networks and assisting the private sector with securing corporate networks.
Rogers downplayed industry concerns over the potential conflict of interest between NSA's offensive and defensive arms. Instead, he urged security professionals and technology companies to partner with the government to face the threats. "We are not going to solve this within the government and the Department of Defense specifically," he said. "If you're interested in participating in some of those exercises, we're interested in speaking with you."
Adversaries are getting more aggressive, and it's only a "matter of when, not if," a foreign nation tries to attack United States critical infrastructure, Rogers said. he cited the December attack on the Ukranian power grid as an example of the kind of attack to expect against the U.S.'s critical infrastructure.
In fact, Rogers suggested the Ukrainian attack was partly a trial run for attacks in the U.S. and elsewhere, not meant to only disrupt Ukraine as part of the proxy war being raised by Russia in that country. He said they were interested in how the provider responded to the outage and were looking at how they could slow down the provier's recovery efforts. "This is not the last time we will see this, ant that concerns me," he said.
The NSA chief also mused about how attacks against data would evolve. At the moment, the focus is on just stealing data, but there will come a time when attackers will start manipulating data, software, or products, he said. Modifying data to show something other than what is expected can have far-reaching consequences, such as if bank accounts don't display the amount of money the customer believes there should be, or if businesses see their financial transactions not reflect what they expect to see.
"What do you do when you can't believe the data" he asked.
Rogers's final worry was about adversaries moving away from using online tools for recruiting and towards actual destruction. Currently, these adversaries use tools to recruit, spread ideology, and generate revenue. The next stage would be destructive attacks to disrupt the status quo. "What happens when those same actors use cyber as a tool for destruction" he asked.
While Rogers was on stage, Apple and FBI were facing off in Congress over the federal government's attempt to force Apple to devise ways to bypass iPhones' and iPads' password and encryption protections.
Rogers didn't really touch on the debate, but noted, "We find ourselves in a space where there are those who want to use that same technology to harm." However, the issues at stake are "fundamental to the very construct of our nation" and that it was important that everyone work together to find commong ground. There needs to be an actual dialogue, as opposed to the current situation where everyone is just yelling at each other, he said. "We're spending a lot of time talking to each other about what we can't do. ... It’s time for all of us to stop talking past each other and start talking to and with each other."